EHF Secure Communication Device

ABSTRACT

A communication device employs a contactless secure communication interface to transmit and receive data with a computing device using close proximity extremely high frequency (EHF) communication. The communication device and the computing device periodically initiate a discovery operation mode, whereby the devices periodically transmit identifying information about the respective devices and listen for identifying information from the other device. Upon completion of the discovery mode operation, the devices enter a link-training operation mode and exchange capability information about the respective devices. During transport mode operation the communication device employs methods to manage access to data stored on the communication device by encrypting the data using one or a combination of training information or capability information as a basis for generating an encryption key.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation of co-pending U.S. application Ser. No. 14/135,458, filed Dec. 19, 2013, and entitled “EHF Secure Communication Device,” which claims the benefit of U.S. Provisional Patent Application No. 61/779,579, filed on Mar. 15, 2013, and U.S. Provisional Patent Application No. 61/799,510, filed on Mar. 15, 2013, each of which is incorporated by reference in their entirety.

BACKGROUND

1. Technical Field

This disclosure relates an electronic communication device with a secure contactless communication interface.

2. Description of the Related Arts

Advances in electronic communication device technology have produced smaller devices with increased storage capacity, and faster transfer rates. Similar gains, however, have not been realized in the connectivity technology to transfer data to and from these devices. For example, a portable data card, such as a Secure Digital (SD) card, is now equipped with communication functionality and utilizes mechanical connectors to deliver a transfer rate of around 20 MB/s.

Transfer rate for portable data cards or storage devices like SD cards is often limited by the connection interface and the power required to transfer data. Transfer rate also provides a practical limitation on the storage capacity because at some point it becomes impractical to wait for a large amount of data to be transferred over a low data rate interface. Existing contact-based connectors may limit the form factor, transfer rates, ESD capabilities, and device ruggedness. Other connection interface technologies utilize wireless broadcasting methods to improve data transfer rate. Broadcasting techniques, however, may compromise the security of the data transfer.

SUMMARY

Embodiments include a device and an approach for managing access to information stored on a communication device over a contactless secure communication interface by using a communication interface configured to transmit and receive data using close proximity extremely high frequency (EHF) communication. The communication device periodically initiates a discovery operation mode, whereby the communication device periodically monitors to detect identifying information from an EHF transmission received from a computing device or another communication device. The communication device also periodically initiates a discovery mode, whereby the computing device periodically transmits indentifying information to the computing device. In one embodiment, the identifying information includes a beacon transmission (e.g., a series of unencoded or encoded pulses). When the communication device detects the identifying information from the computing device, the communication device transmits identifying information about the communication device to the computing device. The computing device, in turn, when detecting the identifying information received from the communication device, transitions from the discovery mode to a link-training mode. Subsequently, the communication device also enters the link-training mode.

During the link-training mode, the communication device and the computing device monitor whether a link-training pattern is received from the computing device and the communication device, respectively. In one implementation, the transmitting device sends a specified data pattern to enable the receiving device to optimize receiver settings (e.g., signal levels, amplification, or other signal conditioning techniques). The receiving device, in turn, enters a learning mode and sends an acknowledgement to the transmitting device when the receiving device completes training. In one embodiment, the receiving device exits the learning mode when a threshold number of training cycles have been received by the receiving device. When the receiving device has not received a threshold number of training cycles within a specified time period (e.g., 100 ms), the receiving device sends a message to the transmitting device indicating that link-training has not been completed.

The link-training pattern is a data pattern that is suitable to enable the communication device and the computing device to determine settings sufficient to receive and detect information provided by the transmitting device (i.e., the computing device or the communication device). In one example, the data pattern is 1 μs of alternating “1” and “0” levels followed by an idle level, changing every third period of a reference clock coupled to the transmitter circuit 305 and the receiver circuit 310. In another example, the link-training pattern may use multiple EHF levels or codings in addition to idle levels to determine the settings. The reference clock may be of any suitable clock frequency (e.g., 266 MHz) sufficient to exchange information between the communication device 100 and the computing device 300. In one embodiment, the receiving device operating in link-training mode evaluates attributes of the received training pattern to determine whether the communication link between the transmitting and the receiving device is suitable to exchange information between the two devices. For example, in one embodiment, the receiving device operating in link-training mode qualifies the strength of the received training pattern to determine whether proximity between the devices satisfies a threshold distance.

In one embodiment, upon completion of the link-training period, the communication device and the computing device will exchange capability information about the respective devices, including, for example, device type, transport mode, vendor information, protocol information, and authentication information (e.g., encryption information). When received, the receiving device validates the capability information against its own capability information (e.g., transport mode capabilities), and transitions to a transport mode to exchange information between the two devices. In one embodiment, during transport mode the communication device employs methods to manage access to data stored on the communication device. In one example, the communication device employs an authentication protocol using a portion of the capability, information or attributes of one or a combination of received or transmitted EHF information.

The features and advantages described in the specification are not all inclusive and, in particular, many additional features and advantages will be apparent to one of ordinary skill in the art in view of the drawings and specification. Moreover, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes, and may not have been selected to delineate or circumscribe the inventive subject matter.

BRIEF DESCRIPTION OF THE DRAWINGS

The teachings of the embodiments of the present disclosure can be readily understood by considering the following detailed description in conjunction with the accompanying drawings.

FIG. 1 illustrates a plan view of a communication device, according to one embodiment.

FIG. 2 illustrates an arrangement of a communication device, according to one embodiment.

FIG. 3A illustrates a block diagram of a close proximity extremely high frequency (EHF) communication interface included in a communication device of FIG. 1 and a computing device, according to one embodiment.

FIG. 3B illustrates a block diagram of another close proximity extremely high frequency (EHF) communication interface included in a communication device of FIG. 1 and a computing device, according to one embodiment.

FIG. 4 illustrates a graph that shows the timing of multiple timer cycles for transmitter and receiver timers included in a pair of communication interface units of FIG. 3B, according to one embodiment.

FIG. 5 shows a block diagram illustrating a time of flight calculation of information exchanged between communication interface units of FIG. 3B, according to one embodiment.

FIG. 6 illustrates a block diagram of a communication interface unit that includes an encryption module, according to one embodiment.

FIG. 7 illustrates a flowchart of a method for controlling access to a communication device, according to one embodiment.

DETAILED DESCRIPTION OF EMBODIMENTS

The Figures (FIG.) and the following description relate to preferred embodiments of the present disclosure by way of illustration only. It should be noted that from the following discussion, alternative embodiments of the structures and methods disclosed herein will be readily recognized as viable alternatives that may be employed without departing from the principles of the present disclosure.

Reference will now be made in detail to several embodiments of the present disclosure, examples of which are illustrated in the accompanying figures. It is noted that wherever practicable similar or like reference numbers may be used in the figures and may indicate similar or like functionality. The figures depict embodiments of the present disclosure for purposes of illustration only. One skilled in the art will readily recognize from the following description that alternative embodiments of the structures and methods illustrated herein may be employed without departing from the principles of the embodiments described herein.

Example Communication Device

FIG. 1 is a plan view illustrating a communication device 100, according to one embodiment. As shown in FIG. 1, the communication device 100 is a portable device with a form factor similar to a credit card, security fob, smart card, or other portable storage device. The communication device 100 includes a data storage medium, which may include one or more memory devices 110, communication interface units 105, controllers 115, power management unit 120, an inductive coil 130, and a power interface circuit 135 all arranged and disposed on substrate 125 within the communication device. The memory device 110 may be volatile memory, such as random access memory (RAM), or non-volatile memory, such as flash memory, or another device that employs other suitable data storage technology, and data may be written to and read by the controller 115. The controller 115 manages the flow of data between a communication interface unit 105 and one or more memory devices 110. The controller 115 may be a separate integrated circuit, integrated into a memory device 110, or may be included in a processor (not shown) included in the communication device 100.

The communication interface unit 105 includes circuitry configured to transmit and receive close proximity extremely high frequency electromagnetic energy (i.e., transmissions) as further discussed with reference to FIG. 3. Examples of a communication interface unit 105 are described in U.S. patent application Ser. No. 13/471,052, which is incorporated by reference in its entirety. The power management unit 120 is a contactless power system, such as an inductive power system. For example, as shown in FIG. 1, the power management unit 120 includes an inductive coil 130 configured to receive electromagnetic energy and convert the received electromagnetic energy to electrical energy, and a power interface circuit 135 configured to distribute electrical power to the devices on the communication device 100. The power interface circuit 135 may also store part of the generated electrical energy in an energy storage unit, for example, a battery (not shown).

The substrate 125 may be a printed circuit board (PCB) or other dielectric material that includes an upper and a lower planar surface and multiple edges for a perimeter. In one example, one or more communication interface units 105 are positioned on the substrate 125 to provide communication between components coupled to the respective communication interface units 105 co-located on a planar surface of the substrate 125. In another example, one or more communication interface units 105 are placed on an upper and lower planar surface of the substrate to provide communication between components included on a substrate that includes corresponding communication interface units and arranged above or below the substrate 125, as further described with reference to FIG. 2. In a further example, one or more communication interface units 105 are arranged on the perimeter of the substrate 125 to provide communication between the communication device 100 and a computing device 300 that includes a corresponding communication interface unit, as further described with reference to FIG. 3.

As described herein, the communication device 100 may also be referred to as a client device, and in particular when the communication device 100 communicates with a host computing device. In some embodiments, a host and a client device are positioned at distance and alignment relative to each other sufficient to permit the corresponding communication interface units 105 on the client and host devices to exchange information.

The communication device 100 also includes a covering 140 or sealing layer disposed on the components arranged on the substrate, such that the covering 140 forms a hermetically sealed communication device 100. In one embodiment, the covering 140 is composed of a dielectric material or other non-electrically conductive material suitably transparent to electromagnetic energy in the EHF range (typically, 30-300 GHz). In another embodiment, the covering 140 is composed of a metallic or electrically conductive material suitable to direct, shield, or otherwise manipulate the propagation of EHF energy.

The communication device 100 may be backward compatible with SD, Multi Media Card (MMC), or other standards and include one or a combination of an EHF transmitter and EHF receiver. In one embodiment, the communication device 100 is water-proof and immune to electrostatic discharge (ESD) events. In one embodiment, the communication device is activated (i.e., switched into a power-on operation mode) responsive to receiving an EHF transmission or transferring information to another device. In one embodiment, the communication device 100 is self-powered. In another embodiment, the communication device 100 is powered through a wireless transmission means.

FIG. 2 illustrates an arrangement of a communication device 100, according to one embodiment. The communication interface units 105 may be configured to transmit or receive an EHF transmission directionally or hemispherically. For example, the pair of communication interface units 105A and 105C is disposed facing each other on separate substrates within a communication device 100. As shown in FIG. 2, the pair of communication interface units 105A and 105C are is disposed and aligned on a lower surface of substrate 125A and on an upper surface of substrate 125B, respectively, and configured to transmit or receive EHF transmissions in a direction facing each other. The pair of communication interface units 105B and 105D is arranged and configured in a manner similar that described for the pair of communication interface units 105A and 105C to form a vertical contactless (i.e., non-physical connection between transmit and receive devices) communication path between communication interface units 105A and 105C. The configurable directionality of an EHF communication transmitted or received by a communication interface unit 105 enables inter-layer communication paths to be created to allow information to be exchanged between components disposed on substrate 125A and components disposed on substrate 125B. For portable communication devices, using a stacked-substrate configuration with communication interface units 105 creating contactless inter-layer communication paths allows storage capacity to scale while maintaining the footprint of the communication device.

In one embodiment, the spatial energy distribution of the EHF communication signal transmitted and received by a communication interface unit 105 may be relatively wide compared to the form factor of the communication interface unit 105. In turn, the substrates 125A and 125B may be substantially physically aligned in one axis with a physical separation in the other axis. For example, as shown in FIG. 2, the substrates 125A and 125B are aligned along the x-axis such that one or both of the communication interface unit pairs 105A and 105B and 105C and 105D can exchange information. Also, as shown in FIG. 2 the substrates 125A and 125B are separated by a distance d along the y-axis. In one implementation, the distance d is specified within a tolerance ranging from approximately 1 mm to approximately 5 cm without substantially affecting the communication channel between the communication interface unit pair 105A and 105C and the pair 105B and 105D. In other implementations, the substrates 125A and 125B are arranged in other alignments suitable to allow the communication interface unit pairs 105A and 105C and 105B and 105D to exchange information. Other alignment configurations employ one or a combination of discrete angles, waveguides, or other transmission medium to direct an EHF transmission along a specified path between paired communication units 105.

As shown in FIG. 2, the communication channel between paired communication interface units 105 is contactless. Intervening structures within the communication path between facing communication interface units 105 can be designed in order to not disrupt the exchange of information between the paired communication interface units 105. For example, in one embodiment, in a stacked configuration paired communication interface units 105 are disposed on nonadjacent layers and form a transmission path, such as a contactless conduction path, that traverses one or more intervening layers. In some cases, the intervening layers are composed of dielectric materials or other materials transparent to EHF emission. In one embodiment, regions of an intervening layer in the transmission path of paired communication interface units 105 are configured to be free from materials, such as metal components, that would impair communication between transmitting and receiving EHF devices across the transmission path. In one embodiment, regions of an intervening layer comprise electrically conductive materials configured to operate as an antenna (e.g., a slot antenna) to direct an EHF communication along a particular transmission path. In another embodiment, one or more intervening layers may include an opening or aperture on multiple intervening layers in the conduction path between paired communication interface units 105. The aperture is configured to have a size sufficient to pass an EHF transmission undisturbed such that communication between paired communication interface units 105 can be maintained. One or a combination of additional and alternative arrangements of substrates 125 and corresponding paired communication interface units 105 may be arranged as a communication device 100 assembly, as described in U.S. patent application Ser. No. 13/471,052, which is incorporated by reference in its entirety.

FIG. 3A illustrates a block diagram of a portable information storage system using a close proximity extremely high frequency (EHF) communication interface included in a communication device 100 and a computing device 300, according to one embodiment. In one embodiment, the portable information storage system includes a communication device 100 and storage device reader 300. The communication device 100 may be any suitable storage system capable of reading and writing electronic information, as previously described in reference to FIG. 1. More generally, the communication device 100 may also be a component or storage subsystem that is integrated into another device or system having a form factor larger than a mobile computing device or a portable storage device. The computing device 300 includes any suitable device having information processing functionality and one or more interfaces configured to receive information electrically, optically, electromagnetically, or other transmission format suitable to communicate with the communication device 100. The communication device 100 includes one or more communication interface units 105 for exchanging information with another communication interface unit 105 over a transmission path. The communication interface unit 105 is configured to transmit and receive an EHF transmission to another communication interface unit 105 over a conduction path. In particular, the communication interface unit 105 uses EHF close proximity coupling to exchange information at high data rates (e.g., 8 Gb/s) over a conduction path link ranging from approximately 1 mm to approximately 5 cm using EHF frequencies (typically, 30-300 GHz). The conduction path may include air or a dielectric material suitable to transmit electromagnetic energy in the EHF frequency range.

In one embodiment, the communication interface unit 105 includes a transmitter circuit 305 and a receiver circuit 310 coupled to an interface controller 320. The communication interface unit 105 also includes a transducer 315 coupled to the output of the transmitter circuit 305 and the input of the receiver circuit 310. The transmitter circuit 305A is configured to receive electrical information, representing information stored on the memory device 110, via the interface controller 320A and send the received electrical information to the transducer 315A for conversion to an EHF signal for transmission. In one embodiment, the transmitter circuit 305 operates in conjunction with interface controller 320 and transducer 315 to convert electrical information into an EHF transmission and to transmit a modulated EHF transmission. The receiver circuit 310 is a circuit configured to receive the EHF transmission from a transmitter circuit 305 using transducer 315, convert the received EHF transmission to electrical information, and provide the converted electrical information to interface controller 320 for further processing. Further details of the description of the transmitter circuit 305 and receiver circuit 310 are described in U.S. patent application Ser. No. 13/760,089, which is incorporated by reference in its entirety.

In one embodiment the transducer 315 is a folded dipole or loop antenna and configured to operate at radio frequencies in the EHF spectrum. The dimensions of the transducer 315 are suitable for operation in the EHF band of the electromagnetic frequency spectrum. In one embodiment, the transmitter circuit 305 and the receiver circuit 310 are coupled to a single transducer 315. In other embodiments, the transmitter circuit 305 and the receiver circuit 310 are coupled to separate transducers 315.

For example, as shown in FIG. 3B, a communication interface unit 105 includes multiple transducers 315A1 and 315A2 and multiple interface controllers 320A1 and 320A2. As shown in FIG. 3B, in the transmitter path, interface controller 320A1 is coupled to the input of transmitter circuit 305A. The output of the transmitter 305A is coupled to the input of transducer 315A1. Similarly, in the receiver path of the communication interface unit 105, interface controller 320A2 is coupled to the output of the receiver 310A. The output of the transducer 315A2 is coupled to the input of the receiver circuit 310A. The interface controllers 320A1 and 320A1 are coupled together to exchange information, such as timer information as will be later described with respect to the link-training mode operation. The computing device 300 may be configured in a similar manner as described with respect to the storage device 100 in FIG. 3B.

Returning to FIG. 3A, the interface controller 320 conditions information accessible by the communication device 100 or the computing device 300 for transmission by the transmitter circuit 305 and reception by the receiver circuit 310. Information conditioning applied to the interface controller 320 includes modulating transmitted EHF information, encoding electrical information accessible by the communication device 100 or the computing device 300, and generating an identifying message (e.g., a beacon transmission) for exchanging identifying information about the respective devices between the devices. Modulation schemes applied by the interface controller 320, for example, include amplitude-shift keying modulation, or other suitable modulation technique capable of being demodulated by a receiver circuit 310 of a corresponding receiving device.

During discovery mode operation, the interface controller 320 generates identifying information from a sending device and detects identifying information from a receiving device over a transmission path. As previously described, during the discovery operation mode the communication device 100 and one or more computing devices 300 transition from a low power state to transmit or receive identifying information from another device to determine whether the other device is available to exchange information. The minimum latency from a low power or powered down state to a discovery operation mode is approximately 1 microsecond. In one example, during the discovery operation mode, the communication device 100 powers up periodically and monitors a receive channel for identifying information from an EHF transmission generated by a computing device 300 or another storage device. To manage power, the interface controller 320 maintains the communication device 100 in powered down state or low power state during a substantial portion of the discovery operation mode relative to the portion of the discovery operation mode when the communication device 100 is monitoring a receive channel. For example, the interface controller 320 may enable the receiver circuit 310 to monitor for received EHF transmissions for 100 ns and disable the receiver circuit 310 for 999,900 ns in a given cycle. In this example, the power draw of the communication device 100 is approximately 50 mA when the receiver circuit is enabled and 5 μA when the receiver is disabled. Generally the on/off ratios (i.e., the ratio of when the receiver circuit 310 is enabled compared to when the receiver circuit 310 is disabled during the discovery operation mode) is approximately 1000:1.

The transmitter circuit 305B in the computing device 300 powers up periodically to transmit identifying information, such as a beacon, in the form of an EHF transmission. To manage power, the interface controller 320B maintains the ON/OFF ratios (i.e., the ratio of when the transmitter circuit 305B is enabled compared to when the transmitter circuit 305B is disabled during the discovery operation mode) to be approximately 1:500 (e.g., 2 ms on, 998 ms off). The minimum latency from a low power or powered down state to a discovery operation mode is approximately 1,000 ms. In this example, the current draw of the computing device 300 is approximately 40 mA when the transmitter circuit 305B is enabled and approximately 80 μA when the transmitter circuit is disabled. In one example, to enhance data transmission security the communication device 100 is configured to not respond or otherwise acknowledge receipt of a beacon transmitted by the computing device 300.

During the discover mode operation, the interface controller 320 also regulates the turn-on time and ON-time duration of the transmitter circuit 305 and receiver circuit 310 to ensure synchronization between the beacon transmission and beacon detection operations. In one embodiment, interface controller 320 enables the receiver circuit 310 to monitor for received beacon for a duration sufficient to coincide or otherwise overlap with a portion of the period of the beacon transmission generated by a computing device 300. In one example, the ON/OFF ratio for the receiver circuit 310A and the transmitter circuit 305B are set by the respective interface controllers 320A and 320B to enable the beacon transmission generated by the computing device 300 to coincide with multiple monitoring periods (i.e., ON periods where the receiver circuit 310A is enabled). For example, the interface controller 320A causes the transmitter circuit 305A to turn ON periodically every 50 μs, and causes the receiver circuit 310A to turn ON periodically for an ON-time duration of 100 μs. This ensures overlap between transmit and receive circuits. The ON/OFF ratio of the transmit circuit may be 1:500, while the ON/OFF ratio of the receive circuit may be 1:1000. The limitations of the ON/OFF ratio of the transmit circuit are limited by the minimum beacon pulse and minimum receive circuit ON period. For example, if the minimum beacon pulse is 100 ns and the receive circuit ON period is 100 us, the ON/OFF ratio of the transmit circuit may be set to 1:500. This ensures that if a beacon is present, the receive circuit will be able to detect it under all circumstances. The limitations of the ON/OFF ratio of the transmit circuit are limited by the receive circuit ON period and required wake-up time. For example, if the receive circuit ON period is 100 us and the required wake-up time is 100 ms, the ON/OFF ration of the receive circuit may be set to 1:1000. In another example, controller 320 enables the receiver circuit 310 to monitor for received beacon with an ON/OFF sequence that occurs at a lower rate or frequency (e.g., one hundredth) than the ON/OFF sequence of the beacon transmitted by transmitted circuit 305. In this example, by having a much different rate of enabling the receiver circuit 310 versus the transmitter circuit 305, a sufficient duration (i.e. at least one pulse of the ON/OFF sequence) can be set to coincide between the beacon sent by the transmitter circuit 305 and detected by a receiver circuit 310. In another example, the interface controller 320B of the computing device 300 causes the transmitter circuit 305B to chop (i.e., periodically switch the beacon transmission ON and OFF during a beacon transmission period). In this example, the interface controller 320B maintains a beacon transmission with an ON/OFF ratio of 1:5 during a beacon transmission period, while maintaining an ON/OFF ratio of 1:100 when the transmitter circuit 305B is enabled to transmit a beacon. This gives an overall ON/OFF ratio of 1:500. In another example, the interface controller 320A of the communication device 100 maintains the monitoring period, while the interface controller 320B varies the beacon period. The variation may range from 10 nanoseconds to 1 second, or longer.

In another example, the respective interface controllers use one or more reference clocks to synchronize the beacon transmission period with the monitoring period. Using a reference clock in such a manner enables narrower beacon transmission periods and lower beacon rates, which in turn, reduce the overall power draw for both the communication device 100 and the computing device 300. In another example, the data sequence used during the beacon period and the monitoring (i.e., listening) period are encoded, such that the transmitter circuit 305 transmits a particular bit sequence during the beacon period and the receiver circuit 310 of the receiving device looks for the particular bit sequence in the beacon EHF transmission during monitoring mode. The discovery operation mode is complete when each interface monitoring unit 320 in at least a pair of communicating devices determines that transmitted and received bit sequences match during the respective monitoring and beaconing transmission periods.

In one embodiment, the interface controller 320 of a transmitting device includes proximity-sensing circuitry configured to detect signals from a corresponding receiving device and determine based at least in part on the detected signal whether the pair of devices are physically arranged relative to each other in a manner to exchange information reliably. The proximity sensing circuitry of the interface controller 320 includes circuitry to detect an EHF transmission received from the receiver circuit, analyze attributes of the detected transmission, and decode information included in the detected EHF transmission, as further described in U.S. patent application Ser. No. 13/524,963, which is incorporated by reference in its entirety. The detected EHF transmission may be generated by the computing device 300 attempting access to information stored on communication device 100 or the detected EHF transmission may be derived (e.g., a reflected signal) from an EHF transmission generated by a communication interface unit 105.

In one example, the interface controller 320A is configured to detect an EHF transmission received from computing device 300 and determine the relative or actual distance between a surface of the communication interface unit 105A to a surface of a nearby object by detecting a change in a transmission property (e.g., an attribute of the impedance, return loss, etc.) of the transmitter side of transducer 315A caused by the nearby object. In this sense, the nearby object may be considered a transducer field-modifying device. A change in a transmission property of the transmitter side of the transducer 315A produces a signal that when compared with a reference signal indicates whether a nearby object is within a threshold distance D 330 from the communication device 100, as further described in U.S. patent application Ser. No. 13/524,963, which is incorporated by reference in its entirety. The value of the threshold distance D 330 is stored in memory accessible by the interface controller 320 and is used by the interface controller 320 for further processing.

In another example, the interface controller 320A includes circuitry to calculate a delay in the propagation time of an EHF transmission between the communication interface unit 105A and the communication interface unit 105C. The signal propagation time represents a measure of the round-trip time or portion thereof (e.g., time of flight from the transmitter of a first device to a receiver of a second device and vice versa) that it takes for an EHF transmission generated by the communication device 100 and received by the computing device 300 to be returned to the communication device 100. The interface controller 320A includes circuitry to determine the propagation time between transmitter circuit 305A and the receiver circuit 310B; the receiver circuit 310B and the transmitter circuit 305B; and the transmitter circuit 305B and the receiver circuit 310A based on attributes of the detected EHF transmission, and generate an indication of proximity between the communication device 100 and the computing device 300 based on the indication.

For example, in the example shown in FIG. 3A, during the link-training mode, the interface controller 320A of communication device 100 initiates one or more timers that count the number of clock cycles beginning from when training information is transmitted by a transmitter or receiver and ending when the transmitted information is received by the same transmitter or receiver circuit as further described in conjunction with FIG. 4. In one implementation, the training information is represented as a sequence of specified bits generated by the interface controller 320A. In another implementation, the training information is provided to the interface controller 320A from the memory device 110 or a source external to the communication device 100.

The interface controllers 320 operate in conjunction with the transmitter and receiver circuits of the respective communication interface units 105 to start and stop multiple timers in a cyclic manner. In one embodiment, during each timer cycle, each transmitter circuit 305 and each receiver circuit 310, in each communication interface unit 105 start a timer when the training information is sent by the circuit, and stop the timer when the training information completes a round-trip path returning to the circuit from which the link-training information originated. In one example, the round-trip path from the transmitter circuit 305A begins at the transmitter circuit 305A, and includes the transducer 315A1, the transmission path between the communication interface units 105A/B, transducer 315B1, the receiver circuit 310B, the interface controllers 320 B1 and 320 B2, the transmitter circuit 305B, the transducer 315B2, the transducer 315A2, the receiver circuit 310A, and the interface controllers 320A1 and 320A2.

In operation, the interface controller 320A starts a transmitter timer when the link-training information is transmitted by the transmitter circuit 305A and stops the timer when the link-training information transmitted by the transmitter circuit 305A is received by the transmitter circuit 305A or interface controller 320A1 from the receiver 310A via the interface controller 320A (or 320A1). This process is continued by the interface controller 320B (or 320B2), which starts a receiver timer when the link-training information from the transmitter circuit 305A is sent from the receiver circuit 310B to the transmitter circuit 305B via the interface controller 320B (or 320B2), and stops the receiver timer when the link-training information transmitted by the receiver circuit 310B is received by the receiver circuit 310B from communication interface unit 105A. The interface controllers 320B (or 320B1) also starts a transmitter timer when the link information from the receiver circuit 310 is transmitted by the transmitter circuit 305B and ending when the link-training information transmitted by the transmitter circuit 305B is received by the transmitter circuit 305B from the receiver 310B. To complete one iteration of the round-trip propagation calculation, the interface controller 320A (or 320A2) starts a receiver timer when the link-training information from the communication interface unit 105B is received by the receiver circuit 310A, and stops the receiver timer when the link-training information transmitted by the receiver circuit 310A is received by the receiver circuit 310A from communication interface unit 105B.

The communication interface unit 105 sends the link-training information at a specified time period or interval, including during periods when other information or data is not being exchanged between the communication interface units 105A and 105B. The communication interface unit 105 uses one or more techniques to exchange link-training information, including using a subcarrier, or using a coding scheme to send the link-training information along with other information. For example, a novel 8B/10B coding scheme may be used to exchange information between communication interface units 105A and 105B, where two bits are used to carry link-training information.

FIG. 4 illustrates a graph that shows the timing of multiple timer cycles for the transmitter and receiver timers included in the pair of communication interface units 105A and 105B of FIG. 3B. As shown in FIG. 4, the transmitter circuit 305A starts a transmitter timer at time t0, followed by the receiver circuit 310B, which starts a receiver timer at time t1 when the receiver circuit 310B receives the training information from the transmitter circuit 310A. In turn, the transmitter circuit 305B starts another transmitter timer at time t2 when it transmits the training information received by the receiver circuit 310B. At time t3, the receiver circuit 310A starts another receiver timer when it receives the training information from the transmitter circuit 305B. To complete the first timer cycle, the respective timers stop counting in the same order that the timers started their respective timers. For example, at time t4, the transmitter circuit 305A stops the transmitter timer, followed by the receiver circuit 310B stopping a receiver timer at time t5, the transmitter circuit 305B stopping a transmitter timer at time t6, and the receiver circuit 310A stopping a receiver timer at time t7 to complete the first cycle. In another implementation, at times t4411, a time stamp of the timer value of the respective timers is recorded while the timers continue running. In a further implementation, at times t4-t11, the respective timers stop and are restarted when the node sends the link training information to the next node in the communication path.

As previously described, in some implementations, the interface communication units 105A/B employ multiple timer cycles. The timers could count continuously throughout the multiple cycles or could be reset at each cycle. For example, as shown in FIG. 4, a second timer cycle begins at time t8 and ends at time t15. The transmitter and receiver timer information calculated by the interface controllers 320A and 320B is used by the interface controllers 320A and 320B to calculate a round-trip propagation time (i.e., time of flight) for the propagation of the training information between each device.

FIG. 5 shows a block diagram illustrating a time of flight calculation of information exchanged between communication interface units 105. Each of the nodes 1-4 represent one or a combination of components included in a communication interface unit 105. In one example, a node includes the interface controller 320, the transmitter circuit 305 or the receiver circuit 310, and the transducer 315. In other examples, a node includes alternative or additional components. As shown in FIG. 5, the calculated time of flight of a round-trip path from any of nodes 1-4 is equivalent, and equal to the sum of the propagation times d0-d4 between each node. In one embodiment, the propagation time between some nodes is specified or known because a pair of nodes is located on the same communication interface unit 105. In one example, a first pair of nodes includes node 1 and node 4 and a second pair of nodes includes node 2 and node 3. In this example, the first pair of nodes represents the transmitter circuit 305A and the receiver circuit 310A, and the second pair of nodes represents the receiver circuit 310B and the transmitter circuit 305B. The propagation time between nodes included in the first pair of nodes or the second pair of nodes may be programmed or otherwise stored in a memory accessible by the respective communication interface unit 105. Alternatively, other parameters, such as the distance between nodes included in the first or second pair of nodes or other parameters from which the propagation time may be inferred or calculated, may be stored in a memory accessible by the respective communication interface unit 105.

In one implementation, the time of flight calculation is performed multiple times and the results are averaged to determine an average time of flight, which may be used as a seed for encrypting information exchanged between the communication device 100 and the computing device 300. In one implementation, the time of flight calculation is performed at a specified time or interval time, such as during power-up of the communication device 100 or the computing device 300, when data is not being transmitted (e.g., during an idle period) between the communication device 100 and the computing device 300, or at a specified interval in accordance with the system requirements. The interface controller 320A/B then stores the value of the calculated time of flight in memory accessible by the respective devices for further processing. In another embodiment, the interface controllers 320A/B calculate the time of flight between each device during transport mode in a manner similar to that as described during link-training mode.

By employing multiple timer cycles, the interface communication units 105 can more accurately calculate the round-trip propagation time of information exchanged between the communication interface units 105A/B. Accordingly, the calculated time of flight of the training information may be used as a seed to generate an encryption key as further described in conjunction with FIG. 6.

Returning to FIG. 3B, in one embodiment, the interface controller 320A includes circuitry to detect the frequency of an EHF transmission signal received during link-training mode or transport mode and uses the measurement of the detected frequency to generate an indication of proximity of the communication interface unit 105A to a nearby object. The presence of a nearby object, e.g., the computing device 300, sufficiently close to the transducer 315A causes the frequency of the detected signal to vary based on the presence and proximity of the nearby object, as further described in U.S. patent application Ser. No. 13/524,963, which is incorporated by reference in its entirety. The interface controller 320 is further configured to use other attributes (e.g., measure of transmission strength or calibration information specifying receiver threshold energy) of the detected EHF transmission to determine the distance between corresponding communication interface units. In another embodiment, the communication device 100 and/or the computing device 300 identification information is exchanged between the two devices.

In one embodiment, during the transport mode the interface controller 320 is configured to establish an authentication protocol by which the communication device 100 can regulate access by other devices to a portion of information stored on memory device 110 as further described in conjunction with FIG. 6. In one embodiment, the interface controller 320A uses attributes of the detected authentication EHF transmission received during the link-training mode to encrypt the information transmitted by the transmitter circuit 305A to the computing device 300 during transport mode to permit access to information stored on the communication device 100 by authorized devices. For example, the interface controller 320A uses the calculated propagation time or time of flight between devices as a basis or seed to encrypt data transmitted by the transmitter circuit 305A. The propagation time or time of flight between the communication device 100 and the computing device 300 is calculated by the interface controller 320B included in the computing device 300 during link-training mode in a manner similar to that described for the communication device 100. In turn, the computing device 300 uses the propagation time or time of flight calculated by the computing device 300 to decrypt the encrypted information received from the communication device 100 and to encrypt information transmitted to the communication device 100 by the computing device 300 during transport mode. In another embodiment, the interface controller 320A uses attributes (e.g. transmission property of the transmitter side of the transducer 320A) of the EHF transmission, received during the transport mode as a seed to encrypt the information transmitted by the transmitter circuit 305A to the computing device 300 during transport mode. Similarly, the interface controller 320B uses attributes of the detected authentication EHF transmission received during the transport mode to encrypt the information transmitted by the transmitter circuit 305B to the communication device 100 during transport mode. Alternatively, one or a combination of time of flight measurements, transmission property parameters, detected frequency of an EHF transmission, or any parameter derived or calculated therefrom, may be used as a seed to encrypt information exchanged between with communication device 100 and the computing device 100.

In another embodiment, the interface controller 320 uses an authentication code to verify that another device is permitted to exchange information with the communication device 100. An authentication code is a device identifier (e.g., multi-bit code) that operates as a device key. The authentication code (e.g., cryptographic algorithm(s)) may be stored in a memory location accessible by the communication device 100, encoded by the interface controller 320A, and transmitted by transmitter circuit 305A to the computing device 300. Alternatively, the authentication code may be stored in the transmitter circuit 305A/B, the receiver circuit 310A/B, or the interface controller 320A/B. The interface controller 320B includes circuitry to decode the EHF transmission received from the transmitter circuit 305A, recover the authentication code, and compare the recovered authentication code with a copy of an authentication code stored on the computing device 300 to determine if the codes match, indicating an authorized device. In one embodiment, the communication device 100 employs key exchange, High-bandwidth Digital Content Protection (HDCP), public key encryption, or other known encryption techniques to protect information exchanged between the communication device 100 and the computing device 300. In one embodiment, one or more of device key information, authentication code, and other security-related information is stored in a read-only part of the communication device 100 (e.g., a protected region of the memory device 100 or within an integrated circuit that embodies the communication interface unit 105A.

FIG. 6 illustrates a block diagram of a communication interface unit that includes an encryption module. As shown in FIG. 6., the communication interface unit 105A transmits encrypted information using a seed 602 to generate an encryption key for encrypting the transmitted information. In one embodiment, the seed 602 includes one or a combination of the calculated round-trip propagation time, calculated transmission property of the transmitter side of a transducer, and the detected frequency of an EHF transmission that serves as an input to a key generator 604. In one implementation, the key generator 604 is implemented in hardware, such as using a linear feedback shift register (LFSR). In another implementation, the key generator 604 is implemented in software, or implemented using a combination of hardware and software. The key generator 604 supplies the generated encryption key to an encryption module 606A1 and a decryption module 606A2.

In the transmitter path of the communication interface unit 105A, the encryption module 606A1 uses the encryption key as a basis to encode (encrypt) information received from the interface controller 320A1 in accordance with an encryption scheme or protocol. The encryption module 606A1 may employ one or more encryption algorithms, or a combination of hardware and software to encode information using the generated key. The encrypted information output by the encryption module 606A1 is received by the transmitter circuit 305A for transmission to the communication interface unit 105B.

The receiver path of the communication interface unit 105A operates in a manner similar to the transmitter path. In the receiver path of the communication interface unit 105A, the decryption module 606A2 uses the encryption key as a basis to decode (decrypt) information received from encrypted information received by the receiver circuit 310A in accordance with a decryption scheme or protocol. The decryption module 606A2 employs one or more decryption algorithms, or a combination of hardware and software to decode information using the key generated by the key generator 604A. The decrypted information output by the decryption module 606A2 is received by the interface controller 320A2 for further processing. Accordingly, during the transport mode the interface controllers 320 are configured to establish an authentication protocol by which the communication device 100 can regulate access by other devices to a portion of information stored on memory device 110.

Returning to FIG. 3B, although the components of the communication device 100 are depicted as separate components, one or more components of the communication device 100 may be combined or otherwise integrated into a single component. In one example, the communication interface unit 105A is integrated with the storage device controller 115. In another example, the communication interface unit 105 is integrated with memory device 110.

In one embodiment, the computing device 300 is a storage device reader configured to access data stored on memory device 110 of the communication device 100. The computing device 300 includes a device controller 325 that operates as a processor or controller to manage the operations of the computing device 300. In another embodiment, the computing device 300 is a storage device with functionality similar to the communication device 100. In one example, the computing device 300 is an unencapsulated storage subsystem that may be stacked vertically or otherwise arranged to communicate with communication device 100. In another example, the computing device 300 is an encapsulated storage device, such as the communication device 100.

In one embodiment, the functionality of the communication device 100 varies based on the computing device 300 in communication with the communication device 100. For example, the communication device 100 is configured to manage access to data stored on the communication device 100 based on computing device 300 in communication with the communication device 100. Data, such as movies, may be accessed from the storage device when the communication device 100 or the surface of an object coupled to communicate with the communication device 100 comes in contact (i.e., contactless communication) with a particular computing device 300. By operating in such a manner, the pair of devices operate in conjunction to authenticate access to data stored on the communication device 100 based on a particular device pairing. In another embodiment, functionality of communication device 100 varies based on the device type of the communication device 100 (e.g., mobile phone, imaging device, tablet computing device, etc.) and the computing device 300 in communication with the communication device 100. For example, when operating in communication with a computing device 300, a communication device 100 included in a mobile phone operates as a local storage device. In another example, when operating in communication with a computing device 300, a communication device 100 included in an imaging device (e.g., a digital camera) operates as storage for an operating system. In one embodiment, the communication device 100 allows access to only certain portions of the memory device 110 based on one or more attributes of the computing device 300. For example, based on the authentication attributes of the computing device 300, a portion of the memory device 110 is made accessible to the computing device 300.

In one embodiment, the communication device 100 controls the operation of the computing device 300. Alternatively, the computing device 300 controls the operation of communication device 100. That is, the communication device 100 operates as a data sink or a data source depending on the pairing of the communication device 100 and the computing device. In another embodiment, multiple communication devices 100 operate in a master/follower mode. In master/follower mode, information stored on a follower device is accessible responsive to a master device being read by a computing device 300 and sending an indication to the follower device that the master device has been read by the computing device 300. In the master/follower mode, the master communication device 100 is operative to provide access to a master key to authenticate access to the follower communication device 100. The master and follower devices authenticate each other by employing authentication techniques as previously described with reference to the interface controllers 320 of FIG. 3A/B, or any similar technique.

In one embodiment, the computing device 300 performs a secure data trim of data stored on communication device 100. For example, the computing device 300 compares data stored on communication device 100 at a first time with data stored on the storage device at a later time to determine if the stored data has been removed or deleted, and to perform a secure trim into the storage location where the data has been removed or deleted. In another embodiment, the computing device 300 periodically logs data or a record of the data transferred between the communication device 100 and the computing device 300. The computing device 300 is further configured to identify unauthorized data (i.e., copyrighted data or content determined as being unauthorized based on data access permissions determined based at least in part on the particular pairing of the communication device 100 with the computing device 300) during a logging operation. Upon a determination of existence of unauthorized data, the computing device 300 disables access to the unauthorized data.

In one embodiment, the particular pairing of a communication device 100 with a computing device 300 alters the user profile of software executing on a device associated with the communication device 100. For example, a device, such as a tablet computing device or a mobile phone has a personal user profile stored on a communication device 100 included in the tablet or mobile phone. When the device establishes communication with a computing device 300, the computing device 300 removes the personal profile stored on the communication device 100, and replaces the personal profile with a secured profile (e.g., work profile) suitable to use in a secure location.

Access Control

For example, such functionality may be employed in an access control system for managing access to a secure location, such as private building or office, government facility, or other location that may provide access to sensitive information. In this scenario, to gain access (e.g., check-in) to a secure location, a person places the communication device 100 in physical proximity to an access control reader that incorporates the computing device 300. In one example, devices are in physical proximity when the distance between the device is less than or equal to a threshold distance sufficient for the communication device 100 and the computing device 300 to establish a communication channel and exchange information, as described with reference to FIG. 3. When the devices are in physical proximity, the computing device 300 initiates a check-in process. During the check-in process the computing device 300 performs action to record time, location, and a device state of the communication device 100 used by a user to provide access to the secure location. For example, during the check-in process, the computing device 300 stores a time stamp representing when the communication device 100 paired with the computing device 300 of the access control reader. The computing device 300 sends the time stamp information to communication device 100 or computing system for the secure location, which in turn, stores one or a combination of time stamps, corresponding user identification information, and location information in an access log. In another example, the computing device 300 also determines whether there is personal data stored on the communication device 100, copies any discovered stored personal data to a secure location, and removes the personal data from the communication device 100. In one example, the computing device 300 identifies personal data based on file attributes, including file extension, file name, and associated application software. Other common known techniques may be employed by the computing device 300 to identify personal data stored on the communication device 100.

In one embodiment, during the check-in process the computing device 300 also limits one more capabilities of the communication device 100. For example, during the check-in process the computing device 300 disables image capture, audio capture, and communication functionality of the communication device 100. In another example, the computing device 300 also disables one or more capabilities of the communication device 100 based on location of the communication device 100, where the location of the communication device 100 is determined based on global positioning information (GPS), Wi-Fi positioning information, or other location information provided by the communication device 100.

In one embodiment, during the check-in process, the computing device 300 loads a secure profile on the communication device 100 that provides secure communication access within the secure location without disclosing passwords, network information, or other sensitive data to the user. In another embodiment, the computing device 300 logs data stored on the communication device 100 at the time of check-in. In one example, the computing device 300 scans the logged data for viruses or unauthorized data, and removes or quarantines such data in a secure location for further processing. In another example, during a check-out process the computing device 300 compares the logged data to a record of the data transferred to or stored on the communication device 100 after the check-in process. If the comparison indicates that the communication device 100 accessed unauthorized information, the computing device 300 will remove the corresponding files during the check-out process.

When exiting the secure location, the user causes the communication device 100 to initiate the check-out process, where the user repeats the process of placing the communication device 100 in physical proximity with the access control device equipped with a computing device 300. The access control device, in turn, restores the communication device 100 to a pre-check-in state. For example, during the check-out process the access control device performs one or more of the following actions: removes the secure profile from the communication device 100, restores the user's personal data, and restores the communication device's 100 capabilities to the state prior to entering the secure location.

In another embodiment, a communication device 100 operates as a key to a home. In one example, an access point (e.g., door, garage door, etc.) of a home includes one or more access control regions that include a computing device 300. Like in the check-in/check-out example previously described, a person places the communication device 100 in physical proximity to an access control panel that incorporates the computing device 300. The computing device 300, in turn, authenticates the user based on information located on the computing device 300 and the communication device 100. In one example, the computing authenticates the user in accordance with an authentication protocol as previously described with reference to the interface controllers 320 included in the respective pair of devices. In another example, the computing device 300 operates in conjunction with the communication device 100 to perform a multi-factor authentication. In one scenario, the communication device 100 and the computing device 300 perform a two-factor authentication, where the communication device 100, along with one of a personal identification number (PIN), a user's biometric information (e.g., retina scan, thumb print, voice signature, etc.) maintained on the computing device 300 or communication device 100 is used to authenticate the user's identity.

Once authenticated, the computing device 300 registers the authenticated user's status to indicate the user is currently in the home, and accesses the authenticated user's profile to execute access control settings associated with the authenticated user. Access control settings specify, for example, lighting, environmental, audio/visual, security, communication systems, or other home system controls. The access control settings may be stored in one or a combination of the communication device 100 or the computing device 300 incorporated in the access control panel. In operation, the computing device 300 incorporated in the access control panel communicates with other systems in the home to execute the access control settings in accordance with the access control settings of a particular authenticated user. In some cases, the access control settings for a particular user specify variations based on time of day, or based on whether other authenticated users are registered as being home. Using the communication device 100, a user registered as being at home may view the home access history. The home access history specifies any users presently at home and information about when those users arrived home and any other detectable activity of the other users since they arrived home. The access history also specifies when a user leaves the home, because a registered user is deregistered by the computing device 300 when the user leaves. In one example, the computing device 300 and the communication device 100 operate in a process similar to the previously described check-out process when a user leaves the home. For example, to lock the door when exiting the home, the user places the communication device 100 in physical proximity with an access control panel that incorporates the computing device 300. The computing device 300 re-authenticates the user, executes any user access control settings (e.g., turn off lights, set timers, enable security system, etc.), and locks the door.

In another access control application, a check-in/check-out process, similar to that previously described may be used regulate access between countries at a border crossing location or when passing through customs at a transit station. In this application, a user wishing to enter another country or region checks-in devices equipped with a user-accessible electronic storage medium at an access control system. During check-in, a communication device 100 is scanned for harmful information, such as viruses, by a computing device 300 included in an access control system. In another example, during check-in, the computing device 300 accesses location information, network connectivity information, or other information that may indicate activity of the user associated with the device, which may be potentially harmful to a country or region regulating access. When exiting a region or a country, the computing device 300 performs a check-out process and scans the communication device 100 for unauthorized information (e.g., confidential government information). If detected, such unauthorized information is removed from the communication device 100 by the computing device 300 prior to completion of the check-out process.

In a further access control application, the pairing of a communication device 100 with a computing system 300 included in an access control system is used to regulate access to a venue requiring a ticket for entry. In one embodiment, a user receives a ticket for entry into a particular event, such as a concert, sporting event, movie, or other performance. The received ticket is stored on the communication device 100 in an electronic format capable of being read by the computing device 300 included in the access control system. For example, the ticket may be stored as an image file format that includes a ticket identifier, such as an optical machine readable representation of data (e.g., bar code, Quick Response (QR) code, etc.) identifying the ticket. When entering the venue or event location, the user initiates a check-in process by placing the communication device 100 that stores an electronic representation of the ticket near an access control system interface that includes a computing device 300.

During the check-in process, the computing device 300 scans the communication device 100 and detects the ticket identifier or other attribute of the ticket. The computing device 300 operates or alone or in conjunction with other computing systems at the event to authenticate the detected ticket. Once authenticated, user associated with the communication device 100 is allowed entry into the event. In one embodiment, responsive to the ticket being authenticated, the computing device 300 sends a notification to the communication device 100 indicating that the ticket has been authenticated. In addition to the notification, the computing device 300 may also send event information (e.g., event maps, application software, advertisements, offers for sale, coupons, seating charts, etc.) to the communication device 100 for display to the user.

In another venue access control application, the pairing of a communication device 100 with a computing system 300 included in an access control system is used to regulate the capturing of images of objects on display at the venue using the communication device 100. In venues, such as a museum, taking pictures of exhibits or art work may be prohibited. In such a situation, images of museum objects may be sent to a communication device 100 by placing the communication device 100 in physical proximity to an information transfer interface that includes a computing device 300. In one embodiment, the computing device 300 sends for display on the communication device 100 one or more selections of previously captured images to the communication device 100, or sends the option to capture an image from an image capture device located in the museum. In another embodiment, the computing device 300 sends one or more selections to transfer information about the museum, museum exhibit, or other related information (e.g., advertisements, offers for sale, coupons, etc.) to the communication device 100 when the user places the communication device 100 in physical proximity to the information transfer interface. Additionally, an information transfer interface may be used in a similar manner for other applications or at other venues or locations, including amusement parks, cruise ships, raceways, weddings, photo booth kiosks, to send images or information to a communication device 100.

In a further access control application, a check-in/check-out process, similar to that previously described may be used to regulate access to operation of a vehicle. In this application, during a check-in process a user places the communication device 100 in physical proximity to an access control panel on the vehicle that incorporates the computing device 300. The computing device 300, in turn, authenticates the user based on information located on the computing device 300 and the communication device 100 used by the user to gain access to the vehicle. In one example, the computing device 300 authenticates the user in accordance with an authentication protocol as previously described with reference to the interface controllers 320 included in the respective pair of devices. In another example, the computing device 300 operates in conjunction with the communication device 100 to perform a multi-factor authentication, such as that described with reference to the home access control.

Once authenticated, the computing device 300 registers the authenticated user's status to indicate the user is currently in the vehicle, and accesses the authenticated user's profile to execute vehicle control settings associated with the authenticated user. Vehicle control settings specify, for example, time, place, and maximum operating speed for operating the vehicle. These settings may be programmed by a user, such as the vehicle's owner, rental car company, car dealer, or other person or entity charged with control of the vehicle. The settings are communicated by the computing device 300 to the vehicle's drive control systems to execute the vehicle control settings. In some cases, the access control settings specify variations based on time of day, or whether another user of a threshold age can be authenticated as being in the vehicle at same time as the requesting user. For example, to comply with government regulations, a driver holding a limited use license or driving permit, may be permitted to drive under only with another person above a particular age. In this example, the requesting driver and the accompanying drive would check-in to the vehicle access control system using separate communication devices 100 associated with the respective user. When the access control system of the vehicle authenticates the identity of both users, the requesting user would be allowed to operate the vehicle in accordance with the vehicle access settings associated with requesting user.

In another example of vehicle access control, a communication device 100 associated with a user and an access control system that includes a computing device 300 is used to detect a potentially impaired driver. Like the previous vehicle access control, the driver initiates a check-in process by placing the communication device 100 in physical proximity to an access control panel on the vehicle that incorporates the computing device 300. The computing device 300, in turn, authenticates the user and initiates a driver assessment process.

In one embodiment, the driver assessment process includes determining current driving conditions and presenting for display on the communication device 100 a series of prompts to determine whether a requesting driver's ability to operate the vehicle might be impaired based on the determined driving conditions and the current physical state of the requesting driver. In one example, the computing device 300 interacts with one or a combination of the communication device 100 and the vehicle's infotainment system to determine the time of day, whether conditions, traffic conditions, and vehicle location. The vehicle location may be represented as, for example, geographic coordinates, a street address, or proximity to one or more merchant locations that offer goods or services capable of impairing a person's ability to safely operate a vehicle.

During the driver assessment process, the computing device 300 presents one or more prompts to the user and receives one or more responses to the prompts. The prompts are formatted as one or a combination of text, audio, symbols, images, or other visual or audio representation perceivable by a user using the communication device 100. For example, the prompt may be presented for display on the communication device 100 as a game to test the driver's dexterity, response time, vision, or other cognitive ability that could impact one's ability to safely operate a vehicle. In one example, the prompt requests that the user enter a response by interacting with a display of the communication device 100, speaking, or providing biometric information (eye tracking information or voice information for speech recognition) to the communication device 100.

The communication device 100 sends the received prompt responses to the computing device 300 for evaluation. The computing device 300 uses one or more stored factors to score a response. Factors include, for example, the substance of the response, the response time, or training information (voice signature or eye tracking rate). The aggregate score of each factor is compared to a competency threshold based on driving conditions. For example, in cases where the current driving conditions detected by the computing device 300 indicate a present time of 2:30 am, raining, and the car is located near a bar, the competency threshold is higher than if the detected current driving conditions indicate a present time of 10:00 am, sunny, and the car is located near a park. In cases where the aggregate score meets or exceeds competency threshold, the computing device 300 allows the requesting driver to operate the vehicle. Otherwise, the computing device 300 may disable or limit operation of the vehicle, cause the communication device 100 to display information for alternative modes of transportation, or send a notification to a designated entity or person that the requesting driver needs assistance.

FIG. 7 illustrates a flowchart of a method for controlling access to a communication device, according to one embodiment. To improve security when communicating between the communication device 100 and the computing device 300, the interface controller 320 also manages the exchange of data between communication interface units 105 of corresponding devices by verifying that communication interface unit 105B of the computing device 300 is within a predetermined range and is part of a device identified as being authorized to communicate with the communication device 100 before or during a communication attempt. The communication device 100 detects 705 a reflected EHF transmission from a reflective surface associated with a computing device, communication device, or other device that includes a communication interface unit capable of communicating with the corresponding communication interface unit included in the communication device 100. The communication device 100 analyzes 710 the reflected EHF transmission to detect characteristics of the reflected EHF transmission that may be used as an indicator of proximity of the communication device 100 to another device in close proximity (1 mm-5 cm) to the communication device 100. In analyzing the reflected EHF transmission, the communication device 100 employs known electromagnetic signal analysis techniques to EHF transmissions, including time domain, frequency domain, impedance measurements techniques.

Using the analysis results, the communication device 100 determines 715 whether distance between a first device and second device satisfies a threshold distance sufficient to exchange EHF transmissions between a first and second communication interface units included in the respective devices. In one embodiment, an indication of the actual or relative proximity between devices is determined based on a detected change in the transmission property of the transmitter side of a transducer included in the first device caused by the reflection of an EHF transmission off of a surface of the second device. In one embodiment, an indication of proximity between the first device and second device is determined based on a calculation of the propagation time of an EHF signal transmitted by the first device, received by the second device, and transmitted back to the first device. Using the calculated propagation time, the proximity between the first device and the second device may be determined. In another embodiment, an indication of proximity between the first device and second device is determined based on a calculation of the frequency of a reflected EHF signal transmitted and received by the first device after reflection by a surface of the second device. The frequency of the received reflected EHF transmission is proportional to the propagation delay of the EHF communication signal as previously described. Because the signal propagation time through a distance D 330, as shown in FIG. 3, increases as the distance D 330 increases, the frequency and propagation delay are related to the distance D 330. And thus the distance may be calculated based on a measure of the frequency of the reflected EHF transmission received by the first device (e.g., the communication device 100). In further embodiments, one or a combination of the signal strength or other attributes of a reflected EHF transmission detected by the first device may be used to determine the proximity between the first device and the second device. Upon a determination that the calculated proximity between a first and second device is not within a threshold distance, the communication device 100 prohibits information to be exchanged between the communication device 100 and another device attempting communication with the communication device 100 and returns to step 715.

Upon a determination that the calculated proximity between a first and second device is within a threshold distance, the communication device 100 permits 720 information to be exchanged between the communication device 100 and another device attempting communication with the communication device 100. In permitting information to be exchanged between the two devices (e.g., the communication device 100 and the computing device 300) the interface controller 320A operates in conjunction with the transmitter circuit 305A to modulate the transmission of information stored on memory device to the computing device 300 as previously described with respect to FIGS. 3A and 3B. In one embodiment, the interface controller 320 encodes information transmitted by transmitter circuit 305 by employing one or more encryption schemes. In one example, the interface controller 320 encodes information transmitted by the transmitter circuit 305 based on the calculated measure of the time of flight of and EHF transmission from the transmitter of a first device to a receiver of a second device and vice versa. The calculated time of flight is known by both devices, and thus may be used as an encryption key. And because the time of flight between devices changes in a random manner, the time of flight operates as a random encryption key generator that is used by the interface controller 320 to provide a high measure of data transmission security between the two devices. The interface controller 320 may execute one or more known encryption algorithms using the time of flight as an encryption key to encode and decode information exchanged between the communication device 100 and computing device 300.

In one embodiment, upon a determination that the calculated proximity between a first and a second device is within a threshold distance, the interface controller 320A employs an authentication protocol to determine whether a device attempting to communicate with the communication device 100 is an authorized device. For example, the communication device 100 may use an authentication code to verify that another device is permitted to exchange information with the communication device 100. To determine whether a device is an authorized device, the communication device 100 receives information including an authentication code from a requesting device. In one embodiment, the authentication code is received responsive to a query (e.g., a beacon signal) from the communication device 100. In other embodiments, the authentication code is sent by the computing device 300 independent of receiving a request or query from the communication device 100. The communication device 100 recovers the authentication code, compares the recovered authentication code with an authentication code stored on the communication device 100 to determine if the codes match. The computing device 300 performs the same operation as the communication device 100 to compare an authentication code received from the communication device 100 with an authentication code stored on the computing device. If the codes match on both devices, the communication device 100 operates as described in step 720. Otherwise, the communication device 100 prohibits information from being exchanged between the two devices, and returns to one of steps 705, 710, or 715.

Upon reading this disclosure, those of skill in the art will appreciate still additional alternative designs for a portable communication device that includes a contactless secure communication interface. For example, although the interface controller 320A authenticates another device as being authorized to access data stored on the communication device 100 based on one or more attributes of EHF transmissions from the computing device 300, the same principles of this disclosure are also applicable to alternative designs based on other types of signals transmitted or received by the communication device 100. Thus, while particular embodiments and applications of the specification have been illustrated and described, it is to be understood that the disclosure is not limited to the precise construction and components disclosed herein and that various modifications, changes and variations which will be apparent to those skilled in the art may be made in the arrangement, operation and details of the method and apparatus of the present disclosure disclosed herein without departing from the spirit and scope of the present disclosure. 

What is claimed is:
 1. A method for regulating access to information located in a secure location, the method comprising: determining whether a distance between a communication device and a computing device satisfies a threshold distance, the computing device included in an access control reader located at the secure location; and responsive to the distance between the communication device and the computing device satisfying the specified threshold distance: establishing a communication channel between the communication device and the computing device, the communication device and the computing device exchanging information using extremely high frequency (EHF) signals, identifying content stored in the communication device having at least one specified file attribute, and removing the identified content from the communication device.
 2. The method of claim 1, wherein responsive to the distance between the communication device and the computing device satisfying a threshold distance, disabling specified functionality of the communication device.
 3. The method of claim 2, wherein the specified functionality of the communication device includes wireless communication.
 4. The method of claim 2, wherein the specified functionality of the communication device includes audio capture.
 5. The method of claim 2, wherein the specified functionality of the communication device includes video capture.
 6. The method of claim 2, wherein the specified functionality of the communication device is disabled when the communication device is at a specified location within the secure location.
 7. The method of claim 1, wherein responsive to the distance between the communication device and the computing device satisfying a threshold distance, loading a secure profile on to the communication device.
 8. The method of claim 1, wherein responsive to the distance between the communication device and the computing device satisfying a threshold distance, logging contents stored on the communication device.
 9. A method for regulating access by a user to a secure location, the method comprising: determining whether a distance between a communication device, associated with the user, and an access control device located at the secure location satisfies a threshold distance; responsive to the distance between the communication device and the computing device satisfying the threshold distance, the communication device and the access control device exchanging capability information describing functionality of the respective devices; and authenticating the user based at least in part on the capability information.
 10. The method of claim 9, further comprising receiving training information from the communication device, the training information specifying a data pattern used by the access control device to select access control device settings to exchange information with the communication device over a transmission path, the training information indicating a signal propagation time.
 11. The method of claim 10, wherein the signal propagation time represents a measure of time that it takes for an EHF transmission transmitted by the access control device to the communication device to be received by the access control device from the communication device over the transmission path.
 12. The method of claim 10, further comprising authenticating the user based at least in part on the training information.
 13. The method of claim 10, further comprising authenticating the user based at least in part on the user's biometric information.
 14. The method of claim 9, wherein the capability information comprises a device type.
 15. The method of claim 9, wherein the capability information comprises a transport mode.
 16. The method of claim 9, wherein the capability information comprises encryption information.
 17. An access control system comprising: a computing device comprising: at least one transmitter configured to transmit data using close proximity extremely high frequency (EHF) electromagnetic energy to a communication device over a first transmission path, the communication device associated with a user; at least one receiver configured to receive data from the communication device over a second transmission path; and an interface control circuit coupled to the at least one transmitter unit and the at least one receiver and configured to: determine whether a distance between the communication device and the computing device satisfies a threshold distance, and responsive to the distance between the communication device and the computing device satisfying the threshold distance, establish a communication channel between the communication device and the computing device, the communication device and the computing device exchanging information over the communication channel using EHF signals; and a device controller coupled to the interface controller and configured to: identify content stored on the communication device having at least one specified file attribute, and remove the identified content from the communication device.
 18. The access control system of claim 17, wherein the device controller is configured to disable specified functionality of the communication device responsive to the determined distance between the communication device and the computing device satisfying a threshold distance.
 19. The access control system of claim 18, wherein the specified functionality of the communication device includes wireless communication.
 20. The access control system of claim 18, wherein the specified functionality of the communication device includes audio capture. 